[jcifs] Cancel NTLM-Authentication Serverside

Ingo Rockel irockel at pironet-ndh.com
Fri Dec 17 08:54:19 GMT 2004

Hi all!

maybe someone has an idea concerning this. We have an application 
running in an OracleAS application server, jcifs is configured as sso in 
a filter. There also is a form-based login configured using a security 
constraint in the application server. So if a client logs in, the 
jcifs-ntlm-sso is called requesting ntlm-credentials, checking againt a DC.

Now the customer wants the login process to present the form based login 
to be shown if the sso against the dc fails because the client is 
unkown. First try was just to ignore the ntlm-login-fail and present the 
form based login. But problem is in this case IE thinks NTLM-auth was 
successfull and uses the NTLM header for all its requests. And the IE 
seems to have a special behavior concerning post-requests (like a form 
based login), it tries to reauthenticate the post request without 
sending the post data, unfortuneately the app server has the mentioned 
security constraint on this url and so again shows the form based login 
and the client is trapped.

Any idea how to tell the IE silently to stop trying to send NTLM-creds 
after first try failed.



Ingo Rockel - Produktentwicklung
Maarweg 149-161, 50825 Koeln
Tel.: +49 (0)221-770-1788 / Fax: +49 (0)221-770-1005
mailto:irockel at pironet-ndh.com - http://www.pironet-ndh.com

More information about the jcifs mailing list